PT-2019-4448 · Linux+4 · Linux Kernel+4

Salvatore Bonaccorso

·

Publicado

2018-05-31

·

Atualizado

2020-08-18

·

CVE-2019-15239

CVSS v3.1

7.8

Alta

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 4.9.190 Linux kernel versions prior to 4.14.139
Description The issue is related to a change in the net/ipv4/tcp output.c component of the Linux kernel, which was incorrectly backported to earlier longterm kernels. This introduced a new vulnerability that can be exploited by a local attacker to trigger multiple use-after-free conditions by adding to a write queue between disconnection and re-connection. This can result in a kernel crash or potentially in privilege escalation.
Recommendations For Linux kernel versions prior to 4.9.190, update to version 4.9.190 or later to resolve the issue. For Linux kernel versions prior to 4.14.139, update to version 4.14.139 or later to resolve the issue. As a temporary workaround, consider restricting access to the net/ipv4/tcp output.c component to minimize the risk of exploitation.

Exploit

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALT-PU-2018-1825
ALT-PU-2018-1919
BDU:2020-00235
CESA-2019_3979
CVE-2019-15239
DLA-1884-1
DSA-4497-1
OPENSUSE-SU-2019:2173-1
OPENSUSE-SU-2019:2181-1
OPENSUSE-SU-2019_2173-1
OPENSUSE-SU-2019_2181-1
RHSA-2019:3978
RHSA-2019:3979
RHSA-2019_3978
RHSA-2019_3979
RHSA-2020:0027
SUSE-SU-2019:2412-1
SUSE-SU-2019:2414-1
SUSE-SU-2019:2424-1
SUSE-SU-2019:2648-1
SUSE-SU-2019:2651-1
SUSE-SU-2019:2658-1
SUSE-SU-2019:2738-1
SUSE-SU-2019:2756-1
SUSE-SU-2019:2949-1
SUSE-SU-2019:3215-1
SUSE-SU-2019:3228-1
SUSE-SU-2019:3230-1
SUSE-SU-2019:3249-1
SUSE-SU-2019:3258-1

Produtos afetados

Alt Linux
Centos
Linux Kernel
Red Hat
Suse